How do I get rid of all this spam?!?!

Spam is getting worse; there's no question. What can you do about it? There's no magic answer, but there are various things you can do to help.

If it seems like the amount of spam you’re seeing has been getting worse, that’s only because it has. Spam in all its variants has only been increasing and attempts to legislate a solution appear to have had little if any impact.

So what’s a poor user to do?

The bottom line is that there is still no magic answer and no silver bullet. There is no solution today that will guarantee you get only the email you want while at the same time guaranteeing that you will get all the email you want. There are many partial solutions that have varying degrees of success, depending on your needs and your willingness to accept some of the restrictions or some additional steps.

But all current solutions risk both of the unwanted alternatives: letting some spam through and preventing legitimate mail from reaching you.

Spam filters

Filters remain the most popular solutions across ISPs, email services, and even email programs.

Filters work by analyzing email prior to your seeing it and then flagging or even deleting the email that it thinks is spam. Characteristics used by filters to determine whether or not an email is spam may include:

“

The bottom line is that there is still no magic answer and no silver bullet.

The presence of words or phrases that are most commonly associated with spam such as the names of assorted drugs, sexual terms, and more.

The presence of links within the mail that go to known malicious or suspicious sites associated with spammers.

The presence of links within HTML-formatted mail that mask where they actually link.

The presence of attachments or attachments scanned and found to contain malware.

Email from IP addresses associated with spammers.

Email from email addresses associated with spammers.

“Too much” email from a single source in too short a period of time. (Not just to you, but perhaps to multiple recipients on your email service.)

And probably many, many more thing that I can’t think of.

One problem is that no two spam filters use the same criteria, and no two will use all the criteria. Similarly, the importance of one criteria over others will change over time. It used to be that targeting IP addresses was a good technique because spammers tended to use specific mail servers from which to send their spam. Now, of course, with the rise of “botnets” almost any computer on the internet could be the source of spam and blocking IP addresses becomes a futile technique.

Another problem, of course, is that criteria often lead to bad results – sometimes filters get it wrong. It’s typical to continue to receive a reduced number of spam emails even with filtering in place. Worse is that filters will occasionally mark as spam email that you truly wanted. In a business situation, this is simply unacceptable.

I actually don’t have any formal recommendations for spam filters. Not because there aren’t good ones out there, but because they are very specific to either your email server or ISP or to your email client. You may already have several spam filters available to you:

Your email service or ISP will in all likelihood already have one for you. Make sure that it’s enabled.

Your email program (Outlook, Thunderbird, etc.) will also likely have one as well. Make sure that it, too, is enabled.

There are third-party programs like Mailwasher that you can install that will also filter your email.

My current solution is Gmail coupled with Thunderbird. All my email is routed through a Gmail account for spam filtering and then what’s left is filtered again by Thunderbird.

Check your folders: any time you use a filter to remove spam, you must check your “spam” or “junk mail” folders. As I mentioned above, filters are never 100% accurate and will occasionally mark something as spam that is not.

Multiple addresses

Another common approach – even if you use filtering already – is to have multiple email addresses.

Select one email address to be your “private” guarded email address – much like an unlisted phone number – that you never, ever use in situations where the email address might be harvested for spam mailing lists.

Create additional “throw-away” email addresses that you use only for a limited time (say when registering a product) or for a limited purpose (like registering for a website) and can safely ignore after those purposes have been met.

Challenge/Response

Another entry into the fight against spam is something called challenge/response. It’s available as a service from various companies and is now also sometimes offered or even required by some ISPs.

Challenge/response as its name implies is a challenge sent in response to email from an unknown source to prove that the sender is human. If they respond and confirm that they are, a) they are remembered and never have to see a challenge again, and b) the mail they sent you is delivered. If they do not respond, then you never see the email or have to take extra steps to check for it.

The problem with challenge/response relates to any mailing list you might sign up for, any online purchase that might result in sending you an email confirmation, or any legitimate organization that might send you valid yet automated email. This is email you want. Yet senders to such lists do not have the time or the resources to respond to a challenge for each of their recipients. Typically, they’ll simply ignore all challenges. The result: unless you remember to proactively white-list them beforehand, then you won’t get the email you request.

White and Black lists

Almost all of the solutions above also include the ability to “whitelist” or “blacklist” an email address.

Whitelisting means that you’ve indicated that email from a particular address should never be flagged as spam or delayed in any way. Blacklisting means just the opposite: email from a particular address should always be flagged as spam and never delivered to you.

While whitelisting and blacklisting can be important additions to the anti-spam regimen – whitelisting is particularly important to prevent false-positive spam filtering of things like newsletters – they are far from perfect. Spammers have the ability to “spoof” the “From:” address in email, making it looks like it comes from someone other than it really does – often even yourself.

The bottom line

As I said, there’s no magic bullet. Spam is here for the foreseeable future. However, there are steps that you should take to reduce the amount you get:

Be protective of your email address. Don’t post it publicly or it’ll get harvested and used by spammers. Share it only with people and businesses you trust.

Learn the nuances of the spam filters available to you.

Learn how to whitelist email addresses in whatever email program and perhaps with whatever email service you use.

Enable both spam filtering by your provider and in your desktop email program if you use one.

Check your junk or spam folders regularly.

Never mark as spam email that you have asked for.

Don’t stress out – use the Delete key liberally and move on.

(This is an update to an article originally published in January of 2004.)

About Leo

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

If it’s a result of the current virus infection, you may not be able to do much. I just wrote an article on it: http://ask-leo.com/archives/000065.html – see if that doesn’t at least explain what might be going on.

For Outlook users:
I have been having a lot of success with a Spam filter called spambayes. You can find it at spambayes.org. I’ve yet to have a “good” email get deleted. If the filter isn’t sure, it will deposit it into a folder called Junk Suspects and then you can tell the filter whether it is good or bad. The filter learns from past emails which is good and which is bad. If you have a bunch of emails saved up (both good and spam) you can give it a headstart when it first initializes.

I get rid of SPAM by hitting MESSAGE and BLOCK SENDER. It would send it to TOOLS, BLOCK SENDER LIST. But Recently the list of blocked addresses has disappeared and if I do it, the address only goes on the list for a minute and then disappears!! What is happening??????

I tried to use different spam filters for Outlook (not Express): Inboxer, Spam Bully, Outlook Spam Filter and others. Finally I came to Spam Reader and it’s most suitable for me – very simple but very effective. http://www.spam-reader.com

Leo,
I am not interested in any email that “domains” from China, or Russia. Is there a way of blocking all mail which has any connection to these countries. What I’m asking I guess, is there a way of simply having this mail not even leave my ISP or at least auto delete forever without my even knowing it existed.
I’m not concerned about ‘good’ mail not reaching me because I’m not interested in *any* mail that has in its headers any reference to China or Russia.
MailWasher blacklists most of these but I still have have to go through them and manually delete them. I would rather they didn’t even show up in MailWasher at all.
—
Mark Clydesdale
Vancouver, Canada

Until recently, my e.mail with Yahoo(Beta) was wonderfully spam-free, and I pitied everyone else from the luxury of my clean inbox. HOWEVER.. I now have hundreds of pleas (in broken English) from all over the world, begging me to help them get money out of their country, etc etc – (I stupidly opened the first one) – and I have been told (in the headers) that I’ve won more lotteries than I can count.
If this is what normal spam is, then this is nothing different, so feel free to delete me,(!) but I thought that spam tried to sell you something more specific, and that maybe this was a newish phenomenon.
I don’t get how they ALL manage to fool Yahoo’s spam filter SO efficiently, and was wondering if some ghastly new unstoppable spam mutation had spawned, or something..? I don’t WANT to lose that e.mail address, dammit..

Has anyone tried Mailwasher? I have been using it for years, literally. it’s not one for the online emails like Yahoo or MSN, but for your home email addresses. You run mailwasher before checking for emails in your email program. Mailwasher will look and see what messages are on the server for you, and at that time you can bounce them back (sent to the REAL sender) or you can okay them as legit. I get virtually no spam. When a spammer sends one, you can bounce it back and it sends the message that your email address does not exit. These are email address’s I’ve had for over 10 years. I wonder why the mail servers don’t have this built in technology. It’s a great free little program, I use it on both the Mac and PC. Can even add multiple email addresses, as I have, to have it check them all first without downloading anything. Once you’ve ‘cleaned’ up your incoming mail, then go to your usual email program like Outlook, and you only download the good stuff. Site is Mailwasher . org for those interested. Hope that helps!

A recent entry into the fight against spam is something called challenge/response. It’s available as a service from various companies and is now also sometimes offered or required by some ISPs. Challenge/response as its name implies is a challenge sent in response to email from an unknown source to prove that the sender is human. If the respond and confirm that they are, a) they are remembered and never have to see a challenge again, and b) the mail they sent you is delivered. If they do not respond then you never see the email.

Another vote for “Mailwasher”, I have the pay for (Pro Version) and it is just great.
Have no affiliation with these people who I believe are in New Zealand but saves me from hundreds of these cursed spammers.

Some anti-spam methods are better than others.
Blocking every ‘SPAM’ sender will eventually have you try to block yourself – a lot of the spam I receive these days is apparently sent by me…
Challenge / Response methods also suffer from the above spamming technique – either they let it through, or replace the original spam with a Challenge.

Some time ago, there was a rumour that ISP’s were going to charge a penny an e-mail (starting with Microsoft). While a lot of people shouted about it, I think it had merit – though it would be unfair against ‘bot’ infections.
I think there should be a limit on how many e-mails a given PC can send (unless it registers as a ‘business’ with it’s ISP).

Leo’s technique is best.
Step 1 – use GMail
Step 2 – use GMail
Step 3…etc.
In 5 years I’ve had probably 5 spam messages get through.
If you’re concerned about your Outlook or Thunderbird or whatever, no problems – keep receiving it that way but divert it to your GMail client. Every few months, just flush out the ‘old school’ client.

My simple solution: use my email (Outlook) junk/spam trainer every day; check junk every few days, “unjunk” those which aren’t and delete all remaining junk.

This may not help for those with large volumes of spam, but I find that if I keep this up, I don’t build up too overwhelming a collection of messages to deal with. It takes some deliberation, which is sometimes hard to come by.

I use filters on my email account (Horde) and Thunderbird and Mailwasher and still get about 150 spams a day, mostly multiple copies of the same span with subject on the banned list. So how are they breaking through?

I am either extremely lucky or I must be doing something right. First of all, I get almost 0 spam in all my POP3 accounts (my own Web site). But then, I never post them anywhere and I only use those eMail addresses for SERIOUS uses. (Banks, eBay, purchases from known sites, reputable computer sites, like this one, etc.
Then I have a Yahoo account which I use for stuff like CraigsList. That account receives perhaps 20 or so spam messages per day and I report each and everyone to the associated “gate keeper”. Both Yahoo and HotMail (MSN, Live, etc.) acknowledge every message reported as spam and either report back their “action” or tell you if the eMail “faked” its origin.
For everything else, I copy and paste into SpamCop’s window and let it figure out to whom to report it.
Speaking of CraigsList, beware of “generic” replies (like “Why are you selling this?”, “What is your location”, “I’ll buy this”, etc.) They are all intended to elicit a response and then they will have your actual eMail address thus working around CraigsList’ redirection. I report ALL generic responses as spam suggesting they check the account’s outgoing box to verify that they only send that type of traffic. Almost everything I have reported to Report_Spam@HotMail.Com has resulted in a message saying they closed the account. Network-abuse@cc.yahoo-inc.com is NOT so informative but they either reply that they have taken “appropriate action” (90 %) or that the message did not originate from Yahoo or that they cannot do anything.
It seems like a never ending task but if everyone does his/her part it will help. I know that I have seen certain specific types of spam totally disappear from my box. (For example, those sent via CraigsList posting with links to “Google posting” get rich schemes. All of those I saw came from “reportable” eMail addresses like AOL, AIM, HotMail, Live, MSN, Yahoo, etc. and I reported each and everyone of them. That scheme, for example, is gone from my eMail stream. I suspect that these were from souls that bought the “kit” and got tired of having to get a new eMail address everyday, perhaps even more often.

I use SpamBully to get rid of my spam messages. It works very easy. All you do is tell the program what emails are good and which ones are spam and it gathers your information to decide the difference. It also has a 1 click interface to let you report the spam. Here is a link to my own information on the product and if you what a copy of it there is a link to where you can make the purchase. It is the best software I have ever owned for ridding myself of email spam. SpamBully Product review and purchase

i have searched ‘ask-leo’ but can’t find how TO CREATE a whitelist for thunderbird email..can’t find the word ‘whitelist OR blacklist’ anywhere under any file, view, tools etc.
i have no spam problem just a problem receiving some pictures especially if sent from a mac to my pc.

Thunderbird doesn’t ahve a “whitelist” or “blacklist” as such. It uses an adaptive (learning) junk mail filter, and allows you to specify address books as containign email addresses that should never be marked as junk (effectively a whitelist). Check the Account Settings for each account you have configured and you’ll find a Junk settings section.

A number of people (including me) have been receiving a particular type of spam from a source that uses a product or service name, such as Cheaper-AutoCoverage followed by . You don’t identify this particular kind of spam in your article and I wanted to bring it to your attention. Many people seem to believe that the spam comes from AT&T, but they are falling from the “spoof” as you describe it in your article.

I have been unable to filter these emails and it appears that others have had no success as well. Is it possible to block a bracketed address that is associated with many names? I had no success trying to filter with ATT.net or Outlook. With Outlook it’s possible to search for any email from the bracketed address (ignoring the name) so I can delete these without reading them, but I really don’t want to see them in my email list to begin with.

My solution, which is still working well over two years now, is to have all my non-family and friends’ e-mail sent to my Gmail account, and to set up Gmail to forward it to my regular e-mail account, and to retain a copy on the Gmail server. Every once in a while I check my Gmail account’s Spam and Trash folders to verify that no “good” mail gets spammed or trashed, and that all the mail in the Spam folder is indeed spam. I’m very happy with this simple arrangement. I am getting all my e-mail without a trace of spam.

Please could you outline the actual steps of “routing email via gmail for spam filtering” do you need a backup email address on your own domain? Or is it achievable using only one “own” email address + forwarding tricks? Thanks

A spammer, sending spam that is faked to look like it came from you, sent spam to an email address that had whatever problem is listed in the bounce message. Since the message was faked to look like it came from you, you get the bounce. This is very common, and there’s nothing to be done.

Leave a reply:

Read the article. Seriously. You'd be shocked at how many people make comments that prove they didn't.

Comment only on the article. If you have a new, unrelated question start with the search box at the top of the page.

Don't post personal information. Email addresses, phone numbers and such will be removed.

VERY IMPORTANT: because of a rise in comment spam that's making it through our filters any comments that do not add to the discussion - typically off topic or content-free comments - run a very high risk of being flagged as spam and removed.

If you have a new question unrelated to the article above, ask it on the Ask Leo! ask-a-question page.